Sophos and false/positives issue

dales · #1 01-Jul-2009, 03:39 PM

All,

We just received the latest update from sophos for our enterprise service, as it started rolling it out it became obvious that something was wrong. We have monitoring software installed on a number of pc's which monitor what applications are installed etc and that is proving a false/positive.

Also affected is the logmein client which I assume the dll that managements the heartbeat messages to logmein are being deleted.

There are a few other bits of software affected on our network by I think they are quite rare outside our network. But if you roll with sophos enterprise dont be surprised to get a bunch of false positives and random deletion of files.

Gingerdave · #2 01-Jul-2009, 03:47 PM

We had that with McAffee and dameware. We ended up configuring a new profile for the ou that contains the IT computers and then stoping the anti virus on the remote machine for the duration of the session.

Pady · #3 03-Jul-2009, 12:08 PM

you could also contact Sophos and advise them about these false positives. they are usually very quick to update their detection rules. this is what we did for several pieces of software our consultants use. worked out easier and quicker this way.

dales · #4 03-Jul-2009, 12:59 PM

Yes we are doing that, I've supplied sophos with the files involved yesterday but thought I'd just post a quickie just in case anyone else starts getting them.

On one of our servers it started quarintining some pretty critical MS files.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

	RSS Contact Us - Support Us - CertForums - Archive - Privacy Statement - Top
Powered by vBulletin® Version 3.8.4 Copyright ©2000 - 2010, Jelsoft Enterprises Ltd. CertForums.co.uk (C) copyright 2003-2009 All Rights Reserved. Content published on CertForums.co.uk requires permission for reprint.